<?php
// +----------------------------------------------------------------------
// | ThinkBLOG (Build on ThinkPHP)
// +----------------------------------------------------------------------
// | @link ( http://www.yurnero.net )
// +----------------------------------------------------------------------
// | @licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | @author nicholas <nicholasinlove@126.com>
// +----------------------------------------------------------------------
// | $Id: HackCheckBehavior.class.php 105 2012-04-06 07:47:44Z nicholasinlove1986@gmail.com $
// +----------------------------------------------------------------------


class HackCheckBehavior extends Behavior {
	
	protected $options = array ('URL_XSS_DEFEND' => true, 'REFLESH_VISIT_ON' => true, 'LIMIT_REFLESH_TIMES' => 10, 'LIMIT_PROXY_VISIT' => true, 'LIMIT_ROBOT_VISIT' => true );
	
	public function run(&$params) {
		
		/** XSS 安全过滤 */
		if (C ( 'URL_XSS_DEFEND' ) && $_SERVER ['REQUEST_METHOD'] == 'GET' && ! empty ( $_SERVER ['REQUEST_URI'] )) {
			$temp = strtoupper ( urldecode ( urldecode ( $_SERVER ['REQUEST_URI'] ) ) );
			if (strpos ( $temp, '<' ) !== false || strpos ( $temp, '"' ) !== false || strpos ( $temp, 'CONTENT-TRANSFER-ENCODING' ) !== false) {
				tmessage ( 'Request Bad Url' );
			}
		}
		
		/** 防刷新 */
		if (C ( 'REFLESH_VISIT_ON' ) && ($_SERVER ['REQUEST_METHOD'] == 'GET')) {
			$guid = md5 ( $_SERVER ['PHP_SELF'] );
			$attackevasive = cookie ( 'reflesh' . $guid );
			if (isset ( $attackevasive ) && $attackevasive > time () - C ( 'LIMIT_REFLESH_TIMES' )) {
				header ( 'HTTP/1.1 304 Not Modified' );
				exit ();
			} else {
				cookie ( 'reflesh' . $guid, $_SERVER ['REQUEST_TIME'], $_SERVER ['REQUEST_TIME'] + 3600 );
			}
		}
		
		/**  代理访问检测 */
		if (C ( 'LIMIT_PROXY_VISIT' ) && ($_SERVER ['HTTP_X_FORWARDED_FOR'] || $_SERVER ['HTTP_VIA'] || $_SERVER ['HTTP_PROXY_CONNECTION'] || $_SERVER ['HTTP_USER_AGENT_VIA'])) {
			tmessage ( 'Proxy Connection Denied' );
		}
		
		/**  机器人访问检测 */
		if (C ( 'LIMIT_ROBOT_VISIT' ) && self::isRobot ()) {
			tmessage ( 'Access Denied' );
		}
		
		/**  对用户传入的变量进行转义操作 */
		if (! MAGIC_QUOTES_GPC) {
			$_GET = taddslashes ( $_GET );
			$_POST = taddslashes ( $_POST );
			$_COOKIE = taddslashes ( $_COOKIE );
			$_FILES = taddslashes ( $_FILES );
		}
		
		/**  强行关闭PHP register_globals，防止register_globals变量覆盖攻击 */
		if (ini_get ( 'register_globals' )) {
			tregisterglobalsoff ( $GLOBALS );
			tregisterglobalsoff ( $_POST );
			tregisterglobalsoff ( $_COOKIE );
			tregisterglobalsoff ( $_REQUEST );
			tregisterglobalsoff ( $_GET );
			tregisterglobalsoff ( $_SERVER );
			tregisterglobalsoff ( $_ENV );
			if (isset ( $_SESSION ))
				tregisterglobalsoff ( $_SESSION );
			tregisterglobalsoff ( $_FILES );
		}
		
		/**  防止数据流没有魔法转义造成的攻击 */
		if (! isset ( $HTTP_RAW_POST_DATA )) {
			$HTTP_RAW_POST_DATA = file_get_contents ( 'php://input' );
		} else {
			$HTTP_RAW_POST_DATA = taddslashes ( trim ( $HTTP_RAW_POST_DATA ) );
		}
	
	}
	
	static private function isRobot() {
		static $_robot = NULL;
		if (is_null ( $_robot )) {
			$spiders = 'Bot|Crawl|Spider|slurp|sohu-search|lycos|robozilla';
			$browsers = 'MSIE|Netscape|Opera|Konqueror|Mozilla';
			if (preg_match ( "/($browsers)/", $_SERVER ['HTTP_USER_AGENT'] )) {
				$_robot = false;
			} elseif (preg_match ( "/($spiders)/", $_SERVER ['HTTP_USER_AGENT'] )) {
				$_robot = true;
			} else {
				$_robot = false;
			}
		}
		return $_robot;
	}

}